﻿@{
    // Set the layout page and page title
    Layout = "~/Shared/_SiteLayout.cshtml";
    Page.Title = "Password Reset";

    var newPasswordError = "";
    var confirmPasswordError = "";
    var passwordResetTokenError = "";
    var passwordResetToken = Request.Form["resetToken"] ?? Request.QueryString["resetToken"];
    var disabledAttribute = "";

    bool isValid = true;
    bool tokenExpired = false;
    bool isSuccess = false;

    if (IsPost)
    {
        var newPassword = Request["newPassword"];
        var confirmPassword = Request["confirmPassword"];

        if (newPassword.IsEmpty())
        {
            newPasswordError = "Please enter a new password.";
            isValid = false;
        }

        if (confirmPassword != newPassword)
        {
            confirmPasswordError = "The password confirmation did not match the new password.";
            isValid = false;
        }

        if (passwordResetToken.IsEmpty())
        {
            passwordResetTokenError = "Please enter your password reset token. It should have been sent to you in an email.";
            isValid = false;
        }

        if (isValid)
        {
            if (SiteSecurity.ResetPassword(passwordResetToken, newPassword))
            {
                disabledAttribute = @"disabled=""disabled""";
                isSuccess = true;
            }
            else
            {
                passwordResetTokenError = "The password reset token is invalid.";
                tokenExpired = true;
                isValid = false;
            }
        }
        else
        {
            isValid = false;
        }
    }
}
@if (!isValid)
{
    <p class="message error">
        @if (tokenExpired)
        {
            <text>The password reset token is incorrect or may be expired. Visit the <a href="@Href("~/Account/ForgotPassword")">
                forgot password page</a> to generate a new one.</text>
        }
        else
        {
            <text>Could not reset password. Please correct the errors and try again.</text>
        }
    </p>
}
@if (isSuccess)
{
    <p class="message success">
        Password changed! Click <a href="@Href("~/Account/Login")" title="Login">here</a>
        to login.
    </p>
}
<form method="post" action="">
<fieldset>
    <legend>Password Change Form</legend>
    @if (!WebMail.SmtpServer.IsEmpty())
    {
        <p>
            Please type in your new password below and click the <em>Reset Password</em> button
            to change your password.</p>
        <ol>
            <li class="new-password">
                <label for="newPassword">
                    New Password:</label>
                <input type="password" id="newPassword" name="newPassword" title="New Password" @disabledAttribute @if (!newPasswordError.IsEmpty())
                                                                                                                   {<text>class="error-field"</text>} />
                @if (!newPasswordError.IsEmpty())
                {
                    <label for="newPassword" class="validation-error">@newPasswordError</label>
                }
            </li>
            <li class="confirm-password">
                <label for="confirmPassword">
                    Confirm Password:</label>
                <input type="password" id="confirmPassword" name="confirmPassword" title="Confirm new password" @disabledAttribute @if (!confirmPasswordError.IsEmpty())
                                                                                                                                   {<text>class="error-field"</text>} />
                @if (!confirmPasswordError.IsEmpty())
                {
                    <label for="confirmPassword" class="validation-error">@confirmPasswordError</label>
                }
            </li>
            <li class="reset-token">
                <label for="resetToken">
                    Password Reset Token:</label>
                <input type="text" id="resetToken" name="resetToken" value="@passwordResetToken" title="Password reset token" @disabledAttribute @if (!passwordResetTokenError.IsEmpty())
                                                                                                                                                 {<text>class="error-field"</text>} />
                @if (!passwordResetTokenError.IsEmpty())
                {
                    <label for="resetToken" class="validation-error">@passwordResetTokenError</label>
                }
            </li>
        </ol>
        <p class="form-actions">
            <input type="submit" value="Reset Password" title="Reset password" @disabledAttribute />
        </p>
    }
    else
    {
        <p class="message info">
            Password recovery is disabled for this website because the SMTP server is not configured
            correctly. Please contact the owner of this site to reset your password.
        </p>
    }
</fieldset>
</form>